Sign-up

VARIoT news about IoT security

Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability

Trust: 5.0

Fetched: Feb. 27, 2024, 9:17 a.m., Published: Sept. 2, 2021, 1:36 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: device manager

How to Use Nessus To Scan a Network for Vulnerabilities | Lifehacker

Trust: 3.5

Fetched: Feb. 27, 2024, 9:15 a.m., Published: Oct. 27, 2016, 3 p.m.
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: apple tv
vendor: trend model: security

Tripwire IP360 - Vulnerability Management | Tripwire

Trust: 3.25

Fetched: Feb. 27, 2024, 9:09 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tripwire model: ip360

IoT Firewall. Definition, Features, Advantages and Disadvantages - zenarmor.com

Trust: 4.5

Fetched: Feb. 25, 2024, 10:33 a.m., Published: Jan. 16, 2003, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: check point software technologies model: check point
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: google model: home
vendor: check point model: check point
vendor: cisco model: meeting
vendor: cisco model: threat response
vendor: palo model: networks
vendor: palo model: firewall

Understanding IoT Security: Challenges, Standards & Best Practices | Sternum IoT

Trust: 4.25

Fetched: Feb. 25, 2024, 10:31 a.m., Published: Feb. 21, 2024, 12:59 p.m.
 Vulnerabilities: service disruption, denial of service
Affected productsExternal IDs
vendor: trend model: security

Forescout reveals 56 flaws in OT devices from 10 companies - Earn Charter - Earn Charter

Trust: 3.75

Fetched: Feb. 25, 2024, 10:31 a.m., Published: Feb. 25, 2056, midnight
 Vulnerabilities: authentication bypass, denial of service, code execution
Affected productsExternal IDs
vendor: motorola model: motorola

NAS Security Guide 2024: Easy Steps to Secure Your Device

Trust: 3.5

Fetched: Feb. 25, 2024, 10:30 a.m., Published: June 14, 2017, 1:32 p.m.
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: google model: home
vendor: synology model: diskstation
vendor: synology model: diskstation manager

What Is the Difference Between Lutron and Savant? - ByRetreat

Trust: 3.5

Fetched: Feb. 25, 2024, 10:29 a.m., Published: Jan. 30, 2024, 5:57 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

nodejs - Security Vulnerabilities in 2024

Related entries in the VARIoT vulnerabilities database: VAR-202310-0175

Trust: 5.25

Fetched: Feb. 25, 2024, 10:22 a.m., Published: Feb. 25, 2024, midnight
 Vulnerabilities: directory traversal, resource exhaustion, path traversal...
Affected productsExternal IDs
vendor: node.js model: node.js
vendor: nodejs model: node.js
db: NVD ids: CVE-2023-30581, CVE-2023-32004, CVE-2023-32559, CVE-2023-39332, CVE-2023-32006, CVE-2023-44487, CVE-2023-30585, CVE-2023-32002, CVE-2023-30584, CVE-2023-45143, CVE-2023-23918, CVE-2023-38552, CVE-2023-23920, CVE-2023-32003, CVE-2023-30590, CVE-2023-30588, CVE-2023-32558, CVE-2023-30586, CVE-2023-30589, CVE-2023-32005, CVE-2023-39331

Press Trust of India: Apple's reply on device vulnerability not totally clear: MoS IT on iPhone alert to MPs

Trust: 3.0

Fetched: Feb. 25, 2024, 10:20 a.m., Published: March 9, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

ClamAV OLE2 File Format Parsing Denial of Service Vulnerability

Trust: 4.75

Fetched: Feb. 25, 2024, 10:08 a.m., Published: Feb. 13, 2024, 5:57 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

New Wi-Fi Vulnerabilities Expose Android and Linux Devices t... - vulnerability database | Vulners.com

Trust: 4.25

Fetched: Feb. 25, 2024, 10:07 a.m., Published: Feb. 21, 2024, 4:16 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2023-52160, CVE-2023-52161

Vulnerabilities in HP Laser printers (Feb. 2024) | Born's Tech and Windows World

Trust: 5.75

Fetched: Feb. 25, 2024, 9:58 a.m., Published: Feb. 24, 2024, 9:06 a.m.
 Vulnerabilities: buffer overflow, information disclosure, code execution
Affected productsExternal IDs
vendor: hewlett packard model: hp laserjet
vendor: hewlett packard model: laserjet printers
vendor: hewlett packard model: laserjet
db: NVD ids: CVE-2024-0794, CVE-2024-0407

CVE-2023-40111: Understanding the Vulnerability in MediaSessionRecord.java and Escalating Privileges on Android Devices

Trust: 3.0

Fetched: Feb. 25, 2024, 9:58 a.m., Published: Feb. 15, 2024, 11:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-401112, CVE-2023-40111

Critical Remote Code Execution Vulnerability Patched in Android - Xynik

Trust: 5.75

Fetched: Feb. 25, 2024, 9:56 a.m., Published: Feb. 6, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: notes
db: NVD ids: CVE-2024-0031

CVE-2024-0016: Out of Bounds Read Vulnerability Leads to Paired Device Information Disclosure without User Interaction

Trust: 5.0

Fetched: Feb. 25, 2024, 9:55 a.m., Published: Feb. 16, 2024, 8:15 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-0016

CVE-2024-26586 - vulnerability database | Vulners.com

Trust: 3.75

Fetched: Feb. 25, 2024, 9:55 a.m., Published: Feb. 22, 2024, midnight
 Vulnerabilities: machine crash, kernel panic
Affected productsExternal IDs
db: NVD ids: CVE-2024-26586

SMS - Less Secure Than You Might Think

Trust: 5.5

Fetched: Feb. 25, 2024, 9:54 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: integer overflow, code execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2022-27492, CVE-2022-36934

Kandji - Product updates | Automated Device Enrollment: New Language

Trust: 3.25

Fetched: Feb. 25, 2024, 9:53 a.m., Published: Feb. 21, 2024, 6:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: apple tv

Hackers find a ‘Shortcut’ to data stored on iPhones, iPads, and Macs | CSO Online

Trust: 4.0

Fetched: Feb. 25, 2024, 9:53 a.m., Published: Feb. 23, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2023-23204